Skip to content

ATOMGAMERAGA/AtomGuard

Repository files navigation

AtomGuard Logo

βš›οΈ AtomGuard

Multi-layered Minecraft server security plugin for Paper 1.21.4 + Velocity

Latest Release Build Java 21 Paper 1.21.4 Velocity License Modrinth Downloads

Available on Modrinth

πŸ“¦ Downloads Β |Β  🟒 Modrinth Β |Β  πŸ“‹ Changelog


AtomGuard is an open-source, enterprise-grade security plugin that protects your Minecraft server against DDoS attacks, bot floods, crash exploits, and duplication glitches. It runs on both Paper 1.21.4 and Velocity proxy, stopping threats before they ever reach your backend.


Table of Contents


πŸš€ Why AtomGuard?

Feature AtomGuard Other Plugins
Velocity Proxy Protection βœ… 12+ modules, fully integrated ❌ None / very limited
DDoS & Bot Protection βœ… 5-level attack management ⚠️ Basic
VPN / Proxy Detection βœ… 7-provider consensus chain ⚠️ 1–2 APIs
IPTables Integration βœ… Kernel-level blocking ❌ None
Real-Time Threat Score βœ… Multi-factor scoring ❌ None
Crash & Dupe Protection βœ… 44+ modules ⚠️ 10–20 modules
Forensics & Attack Recording βœ… Full session capture ❌ None
Traffic Intelligence Engine βœ… EWMA + Isolation Forest ❌ None
Trust Score System βœ… Per-player, persistent ❌ None
Developer API βœ… Maven artifact ❌ None
Config Language βœ… English (v2.0.2+) β€”

✨ What's New in v2.0

v2.0.2 β€” Full English Translation

  • All config keys, YAML sections, and Java source strings translated from Turkish to English
  • Default language is now en; config keys renamed across all 44+ modules and managers
  • Automatic migration step for existing installations (no manual config edits needed)

v2.0.1 β€” Async Connection Pipeline

  • ConnectionListener.onPreLogin() now returns EventTask.resumeWhenComplete() β€” eliminates the 5-second blocking that caused player timeouts
  • VPNCheck and AccountFirewallCheck migrated from .get() to non-blocking CompletableFuture chains with timeouts
  • ConnectionCheck interface gains checkAsync() default method; full processAsync() pipeline

v2.0.0 β€” Major Release

  • Extended Public API β€” ITrustService, IForensicsService, IConnectionPipeline exposed via AtomGuardAPI
  • Forensics System β€” ForensicsManager / PacketRecorder / RecordingSession record attack-moment packet sessions to disk
  • Traffic Intelligence Engine β€” AdaptiveThresholdManager, EWMADetector, IsolationForestDetector for adaptive anomaly detection
  • Notification Manager β€” multi-provider routing (Discord, Telegram, Slack, console)
  • Trust Score Manager β€” per-player persistent trust scores with tier system and JSON persistence
  • Executor Manager β€” shared thread pool management across the plugin
  • Web Panel β€” JWT authentication, API handlers, SSE live feed, geo-map dashboard
  • Config Migration β€” automatic 1.x β†’ 2.0 migration for both core and Velocity configs
  • Velocity Bedrock Support β€” BedrockSupportModule distinguishes Bedrock players from bots
  • New API Events β€” NotificationSentEvent, PostVerificationEvent, PreConnectionCheckEvent, TrustScoreChangeEvent

πŸ›‘οΈ Velocity Proxy Module

AtomGuard's Velocity module stops threats at the proxy layer before they reach your backend servers. It synchronizes with the core module via Redis or Plugin Messaging.

βš”οΈ DDoS & Connection Protection

Component Description
AttackLevelManager 5-level attack management β€” NONE / ELEVATED / HIGH / CRITICAL / LOCKDOWN with hysteresis to prevent rapid oscillation
SmartThrottle Engine Automatic rate limiting scaled to current attack level
SYN Flood Detector Blocks connections exceeding per-second threshold automatically
TrafficAnomalyDetector Z-score, slow-ramp, and pulse attack detection
EnhancedSlowloris Per-IP pending connection tracking with system-wide alarm
ConnectionFingerprinter Protocol + hostname + timing fingerprint for botnet army detection
SubnetAnalyzer /24 and /16 coordinated botnet detection
IPReputationTracker DDoS-specific reputation score (0–100) with automatic temporary ban
AttackSessionRecorder Full session capture from attack start to end, JSON output
VerifiedPlayerShield Guaranteed slots for clean players at CRITICAL/LOCKDOWN levels

πŸ€– Bot Protection

  • Multi-Factor Threat Score β€” connection speed, handshake, client brand, join pattern, username, geolocation, and protocol analysis
  • Brand Analysis β€” recognizes Fabric, Forge, Lunar, Badlion, LabyMod and other known clients; blocks bot/exploit clients
  • Join Pattern Detector β€” statistically detects bot swarm behavior
  • CAPTCHA System β€” routes suspicious players to limbo for a math challenge
  • Verified Player Cache β€” players with a successful login history skip analysis entirely

🌐 VPN / Proxy Detection β€” 7 Layers

# Provider Description
1 Local List Instant local blacklist
2 CIDR Blocker IP range-based blocking
3 DNSBL Spamhaus, DroneBL, and custom lists
4 IPHub Commercial VPN/proxy database
5 ProxyCheck.io Real-time proxy verification
6 AbuseIPDB Abuse history database
7 IPApi ASN + hosting detection

Consensus system: At least 2 providers must agree before blocking. A single provider cannot cause a false positive.

🌍 Geo Filtering

  • Country-based whitelist / blacklist via MaxMind GeoIP2
  • Configurable policy for unknown countries

πŸ”’ Firewall & Account Protection

  • IP Reputation Engine β€” score based on successful logins, flood, and exploit history
  • Auto-Ban Engine β€” rule-based temporary / permanent bans
  • Account Firewall β€” Mojang API verification, account age check, cracked policy
  • Blacklist / Whitelist β€” JSON-based, updatable at runtime

⚑ IPTables Integration

  • Real-time kernel-level IP blocking (iptables / nftables)
  • Automatic rule cleanup
  • /24 subnet ban support

πŸ”„ Protocol & Connection Control

  • Crash Loop Detection β€” more than 3 disconnects within 30 seconds
  • Protocol Filter β€” restricts to allowed client versions
  • Packet Size Limit β€” blocks oversized / malformed packets

πŸ’¬ Chat & Command Protection

  • Chat rate limit, duplicate message detection, pattern analysis
  • Tab-complete flood, command flood, server-switch spam protection

πŸ“‘ Synchronization

  • Redis Bridge β€” instant cross-server ban / alert synchronization
  • Plugin Messaging β€” secure Core ↔ Velocity communication
  • Discord / Telegram / Slack Webhooks β€” attack, bot, VPN, DDoS notifications

πŸ”¨ Core Module (Paper)

πŸ’₯ Crash & Exploit Protection β€” 44+ Modules

Category Modules
Packet Exploits packet-exploit, offline-packet, netty-crash, packet-delay
NBT Attacks nbt-crash, item-sanitizer, custom-payload, advanced-payload
World Crashers book-crash, lectern-crash, map-label-crash, frame-crash
Chunk / Entity chunk-crash, entity-interact-crash, container-crash
Duplication bundle-duplication, inventory-duplication, cow-duplication, mule-duplication, advanced-duplication
Inventory invalid-slot, bundle-lock, creative-items, anvil-craft-crash
Movement movement-security, coordinate-normalize
Commands command-crash, component-crash
Performance redstone-limiter, explosion-limiter, piston-limiter, falling-block-limiter, smart-lag
Bot Protection anti-bot, bot-protection, connection-throttle, token-bucket, honeypot
Visual / Render visual-crasher, view-distance-mask, shulker-byte
Storage storage-entity-lock

πŸ€– AtomShieldβ„’ β€” Core Bot Protection

  • 9 Checks β€” connection rate, gravity, packet timing, ping/handshake, protocol, username pattern, first-join behavior, post-join behavior, brand analysis
  • Heuristic Engine β€” per-player profile with statistical anomaly detection
  • Verification System β€” challenge applied to suspicious players
  • Attack Mode β€” auto-activates when TPS drops or flood is detected

πŸ”¬ Forensics & Intelligence (v2.0+)

  • ForensicsManager β€” records packet sessions at attack moments; snapshots saved to disk
  • PacketRecorder β€” configurable buffer, concurrent recording sessions, auto-record threshold
  • TrafficIntelligenceEngine β€” EWMA-based adaptive thresholds, Isolation Forest anomaly detection
  • AdaptiveThresholdManager β€” learns traffic patterns, adjusts thresholds automatically

πŸ“Š Trust Score System (v2.0+)

  • Per-player persistent trust score with tier system (LOW / NORMAL / TRUSTED / ADMIN)
  • Score increases on clean sessions, decreases on violations
  • Trusted players can bypass bot checks and VPN checks automatically
  • JSON persistence with auto-save

🌐 Web Panel (v2.0+)

  • JWT-based authentication (/api/login)
  • Live event feed via SSE
  • Module status dashboard
  • Geo-map of recent events
  • Attack history and statistics

⚑ Performance & Integrations

  • MySQL + HikariCP β€” connection pool with WAL mode for SQLite fallback
  • Redis Pub/Sub β€” network-wide synchronization
  • Caffeine Cache β€” all TTL-based caches (bypass, cooldown, API results) use Caffeine
  • Notification Manager β€” multi-channel alert routing (Discord, Telegram, Slack)
  • Async Logging β€” 7-day rotation, async file writing

πŸ“¦ Requirements

Component Version Required
Java 21+ Yes
Paper / Forks 1.21.4 Yes
PacketEvents 2.6.0+ Yes (Core)
Velocity 3.x Proxy only
MySQL 8.0+ Optional
Redis 7.x Optional
MaxMind GeoIP2 β€” Optional

πŸš€ Installation

Paper Server

# 1. Drop PacketEvents into plugins/
#    https://modrinth.com/plugin/packetevents

# 2. Drop AtomGuard-core-2.0.2.jar into plugins/

# 3. Start the server β€” config is generated automatically

# 4. Edit plugins/AtomGuard/config.yml

Velocity Proxy

# 1. Drop AtomGuard-velocity-2.0.2.jar into Velocity plugins/

# 2. Start the proxy β€” config is generated automatically

# 3. Edit plugins/atomguard-velocity/config.yml

# 4. For Redis sync, enable on both sides:
#    redis.enabled: true

Upgrading from 1.x / 2.0.x? AtomGuard automatically migrates your existing config on first startup. No manual changes needed.


πŸ’» Commands & Permissions

Command Description Permission
/atomguard Help menu atomguard.admin
/atomguard reload Reload config atomguard.reload
/atomguard status Module statuses atomguard.admin
/atomguard stats Statistics atomguard.admin
/panic Emergency mode β€” tightens all modules atomguard.panic
Permission Description
atomguard.bypass Bypasses all protections
atomguard.notify Receives exploit notifications

πŸ”Œ Developer API

<dependency>
    <groupId>com.atomguard</groupId>
    <artifactId>AtomGuard-api</artifactId>
    <version>2.0.2</version>
    <scope>provided</scope>
</dependency>
AtomGuardAPI api = AtomGuardAPI.getInstance();

// IP reputation score
IReputationService rep = api.getReputationService();
int score = rep.getScore(player.getAddress().getAddress());

// Trust score (v2.0+)
ITrustService trust = api.getTrustService();
int trustScore = trust.getScore(player.getUniqueId());

// Forensics recording (v2.0+)
IForensicsService forensics = api.getForensicsService();
forensics.startRecording(player.getUniqueId());

// Toggle a module at runtime
IModuleManager modules = api.getModuleManager();
modules.setEnabled("anti-bot", false);

// Listen for exploit blocks
@EventHandler
public void onExploitBlocked(ExploitBlockedEvent event) {
    String module = event.getModuleName();
    Player player  = event.getPlayer();
}

// Listen for trust score changes (v2.0+)
@EventHandler
public void onTrustChange(TrustScoreChangeEvent event) {
    int newScore = event.getNewScore();
}

πŸ”§ Building

git clone https://github.com/ATOMGAMERAGA/AtomGuard.git
cd AtomGuard
mvn clean package -DskipTests

# Output:
#   core/target/AtomGuard-core-2.0.2.jar
#   velocity/target/AtomGuard-velocity-2.0.2.jar

Requirements: Java 21 JDK + Maven 3.8+


πŸ—οΈ Architecture

AtomGuard/
β”œβ”€β”€ api/       β†’ Public interfaces for developers (stable API contract)
β”œβ”€β”€ core/      β†’ Paper 1.21.4 main plugin (44+ modules, web panel, forensics)
└── velocity/  β†’ Velocity proxy module (DDoS, bot, VPN, firewall, geo)

Key design principles:

  • PacketEvents for all packet-level interception (loaded in onLoad())
  • Single PacketListener β€” all modules register handlers via registerReceiveHandler()
  • AbstractModule base β€” unified lifecycle, config access, exploit blocking, and event firing
  • AtomGuardAPI singleton β€” initialized after all managers and modules, stable across versions

🀝 Contributing

Want to contribute? Check CONTRIBUTING.md. All pull requests are welcome.

πŸ“œ License

This project is distributed under the BSD 3-Clause license. See LICENSE for details.


βš›οΈ AtomGuard β€” Protect your server.
Made with ❀️ by AtomGuard Team

About

πŸ›‘οΈ Advanced Minecraft Server Security & Exploit Protection β€” 44+ protection modules for Paper 1.21.4

Topics

Resources

License

Contributing

Security policy

Stars

3 stars

Watchers

1 watching

Forks

Packages

 
 
 

Contributors